because i’m using HPKP i created 2 Backup CSRs following this tutorial: https://scotthelme.co.uk/hpkp-http-public-key-pinning/
As the tutorial didn’t mention the subjectAltName filed and didn’t know much about certificate issuing at the time i did not set my domain name in the san field of the csr.
Now as my certificate is going to expire tomorrow i wanted to get a new certificate. For that i have to use my existing CSRs because their hash pin is known to the bowsers of my users.
I this: ./letsencrypt-auto certonly --csr my.domain.csr -d my.domain
and got: Unfortunately, your CSR needs to have a SubjectAltName for every domain. (That is also the only message in letsencrypt.log)
Is there any way i can get a certificate for my domain from my existing CSR files?
Any help is appreciated